HOME

Privacy Policy for Ana Carolina Maganha Almeida, PhD – EU Environmental Compliance Strategist

Effective Date: [12th January 2026]
Last Updated: [12th January 2026]

1. Data Controller

Ana Carolina Maganha de Almeida
VAT/P.IVA: IT02461830560
Address: Viterbo, Italy
Email: ana.kumlien@gmail.com
Phone: +39 346 370 9748

2. Introduction

This Privacy Policy explains how we collect, use, store, and protect your personal data in compliance with the EU General Data Protection Regulation (GDPR) and applicable Italian data protection laws.

We are committed to protecting your privacy and handling your personal data with transparency and security.

3. What Personal Data We Collect

We may collect and process the following personal data:

Through Discovery Call Requests:

  • Full name
  • Email address
  • Phone number
  • Company name and position
  • Industry sector
  • Nature of your compliance enquiry
  • Any information you provide in messages

Automatically Through Website Use:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent
  • Referral source
  • Cookies and similar technologies (see Cookie Policy below)

4. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Consent: When you submit a discovery call request or subscribe to communications
  • Contract Performance: To provide consultation services and project quotes
  • Legitimate Interests: To improve our services, respond to enquiries, and maintain business records
  • Legal Obligation: To comply with tax, accounting, and regulatory requirements

5. How We Use Your Personal Data

We use your data for:

  • Service Delivery: Scheduling discovery calls, preparing project scopes, and delivering consulting services
  • Communication: Responding to enquiries, sending project proposals, and providing updates
  • Business Operations: Invoicing, contract management, and record-keeping
  • Service Improvement: Analysing website usage to enhance user experience
  • Legal Compliance: Meeting tax, accounting, and regulatory obligations

We do NOT:

  • Sell your personal data to third parties
  • Use your data for automated decision-making or profiling
  • Send marketing communications without explicit consent

6. Data Sharing and Third-Party Processors

We may share your data with trusted third-party service providers who assist in operating our business:

Service Providers:

  • WordPress.com (Automattic Inc.) – Website hosting and management
  • Email Service Providers – For professional communications
  • Calendar/Scheduling Tools – For managing discovery calls (if applicable)
  • Accounting Software – For invoicing and financial records

All third-party processors are GDPR-compliant and bound by data processing agreements.

Legal Disclosure: We may disclose your data if required by law, court order, or regulatory authority.

7. International Data Transfers

Some service providers (e.g., WordPress.com) may be located outside the European Economic Area (EEA). When data is transferred internationally, we ensure:

  • Standard Contractual Clauses (SCCs) are in place
  • Adequate safeguards protect your data
  • Compliance with GDPR requirements

8. Data Retention

We retain your personal data only as long as necessary:

  • Active Client Data: Duration of contract plus 10 years (Italian tax law requirements)
  • Prospect/Enquiry Data: 2 years from last contact, unless you request earlier deletion
  • Accounting Records: 10 years (Italian legal requirement)
  • Website Analytics: Anonymized after 26 months

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right to Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure (“Right to be Forgotten”): Request deletion of your data
Right to Restriction: Limit how we process your data
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent at any time (without affecting prior lawful processing)
Right to Lodge a Complaint: Contact the Italian Data Protection Authority (Garante per la protezione dei dati personali)

To exercise your rights, contact: ana.kumlien@gmail.com

We will respond within 30 days of your request.

10. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Secure encrypted connections (SSL/HTTPS)
  • Password-protected systems
  • Regular security assessments
  • Limited access to personal data (need-to-know basis)
  • Secure backups and data storage

However, no internet transmission is completely secure. We cannot guarantee absolute security but take all reasonable precautions.

11. Cookie Policy

Our website uses cookies to improve functionality and user experience.

Essential Cookies: Necessary for website operation (e.g., session management)
Analytics Cookies: Understand how visitors use our site (WordPress Stats)
Preference Cookies: Remember your settings and preferences

Managing Cookies: You can control cookies through your browser settings. However, disabling essential cookies may affect website functionality.

For more information, visit: [Cookie Policy page if separate]

12. Links to Third-Party Websites

Our website may contain links to third-party websites (e.g., LinkedIn, client logos). We are not responsible for their privacy practices. Please review their privacy policies before providing personal data.

13. Children’s Privacy

Our services are intended for business professionals. We do not knowingly collect data from individuals under 18 years of age.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in:

  • Legal requirements
  • Our business practices
  • Service providers

Material changes will be communicated via:

  • Website notification
  • Email to existing clients

Last Updated: [Date shown at top of policy]

15. Contact Us

For questions, concerns, or to exercise your data protection rights:

Email: ana.kumlien@gmail.com
Phone: +39 346 370 9748
Address: Ana Carolina Maganha de Almeida, Viterbo, Italy

Italian Data Protection Authority (Garante):
Website: www.gpdp.it
Email: garante@gpdp.it

16. Consent

By using this website and our services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described.

You may withdraw consent at any time by contacting us.

Document Reference: Privacy Policy v2.0
Language: English (Versions available in Italian, Portuguese, Spanish upon request)